API Referentie

Font Data en Management

Moderne typografie voor de creatieve industrie — REST API v2.4, live since 2023-09-12

The LetterLab REST API gives developers programmatic access to font metadata, licensed download links, user management, and licensing status. Base URL: https://api.letterlab.io/v2. All requests and responses use JSON. The API is versioned via the Accept-Version header (current: 2.4).

Endpoints

Core resource endpoints grouped by domain. Each endpoint supports standard HTTP methods and returns JSON payloads. Pagination is cursor-based via the Cursor header on list endpoints.

Fonten

GET /fonts

List all fonts in your organization's library. Supports filtering by family, weight, style, and tag. Returns up to 50 results per page.

GET /fonts/{fontId} — Fetch full metadata for a single font, including OpenType table checksums, glyph count, and embedded license scope.

GET /fonts/{fontId}/axes — Retrieve variable font axis definitions (wght, wdth, opsz, slnt, etc.) with min/max/default values.

Downloads

POST /downloads/sign

Generate a time-limited, cryptographically signed download URL for a specific font file. The signed URL expires after 300 seconds and is single-use. Requires an active license for the requested format (OTF, TTF, WOFF2).

GET /downloads/{downloadId}/status — Check whether a signed URL has been consumed, expired, or is still valid.

Licenties

GET /licenses

List all active licenses for your organization. Filter by status, seat_count, or expiration_date. Includes font family coverage and deployment scope (web, print, embedded, SaaS).

POST /licenses — Create a new license request. Auto-provisioned for pre-paid plans; manual approval for custom enterprise agreements.

Gebruikers

GET /users

List team members with their roles (admin, designer, developer, viewer) and assigned license seats. Supports search by email or name.

PUT /users/{userId} — Update role or reassign license seats. DELETE /users/{userId} — Remove a user and release their seats back to the pool.

Specimens

GET /fonts/{fontId}/specimens

Retrieve specimen image URLs (PNG, SVG) generated at standard PPIs. Useful for rendering previews in design tools and web dashboards without downloading full font binaries.

Webhooks

POST /webhooks

Register webhook endpoints for events: license.expiring, license.expired, download.completed, user.role_changed. LetterLab retries failed deliveries for 48 hours with exponential backoff.

Authentication

All API requests require authentication via Bearer token. Tokens are scoped to your organization and can be generated in the LetterLab dashboard under Settings → API Keys.

Header

Include the token in every request:

Authorization: Bearer ll_live_8f4a2c1d9e7b6a3f5c0d2e8a1b4c7d9f

Token Types

ll_live_* — Production token. Grants full read/write access to your organization's fonts, licenses, and users.

ll_test_* — Sandbox token. Read-only access to a mirrored dataset. Safe for development and staging environments.

Scopes

Tokens carry one or more scopes: fonts:read, fonts:write, downloads:sign, licenses:read, licenses:write, users:read, users:write. If a request requires a scope the token lacks, the API returns 403 Forbidden with a "missing_scope" error code.

Rotate keys immediately if a token is exposed. Old tokens remain valid for 24 hours after rotation to avoid service disruption.

Rate Limits

Rate limits protect the API from abuse and ensure consistent latency for all partners. Limits are applied per organization, not per token.

Standard Plan

120 requests / minute across all endpoints. Burst allowance of 200 requests in any 60-second window. Signed download URLs count against this limit.

Enterprise Plan

1,000 requests / minute with a burst allowance of 1,500. Separate sub-limit: 50 / minute for POST /downloads/sign to prevent credential stuffing.

Headers & Responses

Every response includes rate-limit headers:

X-RateLimit-Limit: 120
X-RateLimit-Remaining: 97
X-RateLimit-Reset: 1719847200

When the limit is exceeded, the API returns 429 Too Many Requests with a Retry-After header (seconds until the window resets).

Examples

Concrete request and response samples for the most common workflows.

List Fonts with Filter

Request

GET /fonts?family=Meridian&weight=400..700&tag=display
Authorization: Bearer ll_live_8f4a2c1d9e7b6a3f5c0d2e8a1b4c7d9f
Accept-Version: 2.4

Response (200 OK)

{
  "data": [
    {
      "id": "font_meridian-display-400",
      "family": "Meridian",
      "style": "Regular",
      "weight": 400,
      "format": ["OTF", "WOFF2"],
      "glyph_count": 562,
      "file_size_bytes": 184320,
      "license_scope": "web",
      "created_at": "2024-01-18T09:12:00Z"
    }
  ],
  "cursor": "eyJpZCI6ImZvbnRfbWVyaWRpYW4iLCJwYWdlIjoxfQ==",
  "has_more": true
}

Sign a Download URL

Request

POST /downloads/sign
Authorization: Bearer ll_live_8f4a2c1d9e7b6a3f5c0d2e8a1b4c7d9f
Content-Type: application/json

{
  "font_id": "font_meridian-display-400",
  "format": "WOFF2"
}

Response (200 OK)

{
  "download_id": "dl_9k3m2p7x",
  "signed_url": "https://cdn.letterlab.io/d/9k3m2p7x/Meridian-Regular.woff2?sig=abc123...",
  "expires_at": "2025-06-01T14:05:00Z",
  "single_use": true
}

Update User Role

Request

PUT /users/usr_4f8a2c
Authorization: Bearer ll_live_8f4a2c1d9e7b6a3f5c0d2e8a1b4c7d9f
Content-Type: application/json

{
  "role": "developer"
}

Response (200 OK)

{
  "id": "usr_4f8a2c",
  "name": "Sanne de Vries",
  "email": "sanne@studiohelf.nl",
  "role": "developer",
  "license_seats": 1,
  "updated_at": "2025-06-01T14:02:33Z"
}

For error handling, consult the Error Reference page. All error responses follow the RFC 7807 Problem Details format with a "type", "title", "status", and "detail" field.

Generate API Key Error Reference